From 00fe904b356a38ef707bf59738849edf09424d0a Mon Sep 17 00:00:00 2001
From: Jean-Christian Denis <contact@jcdenis.fr>
Date: Sat, 3 Dec 2022 16:49:44 +0100
Subject: [PATCH] fix permissions

---
 _admin.php                   | 2 +-
 inc/class.postwidgettext.php | 4 ++--
 inc/lib.pwt.admin.php        | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/_admin.php b/_admin.php
index d029ce5..a310b8e 100644
--- a/_admin.php
+++ b/_admin.php
@@ -23,7 +23,7 @@ if (dcCore::app()->blog->settings->postwidgettext->postwidgettext_active) {
         dcCore::app()->adminurl->get('admin.plugin.postWidgetText'),
         dcPage::getPF('postWidgetText/icon.svg'),
         preg_match('/' . preg_quote(dcCore::app()->adminurl->get('admin.plugin.postWidgetText')) . '(&.*)?$/', $_SERVER['REQUEST_URI']),
-        dcCore::app()->auth->check(dcAuth::PERMISSION_CONTENT_ADMIN, dcCore::app()->blog->id)
+        dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcAuth::PERMISSION_CONTENT_ADMIN]), dcCore::app()->blog->id)
     );
 
     dcCore::app()->addBehavior('adminDashboardFavoritesV2', ['adminPostWidgetText', 'adminDashboardFavorites']);
diff --git a/inc/class.postwidgettext.php b/inc/class.postwidgettext.php
index c1ac3a3..b6f3d7e 100644
--- a/inc/class.postwidgettext.php
+++ b/inc/class.postwidgettext.php
@@ -153,7 +153,7 @@ class postWidgetText
 
         $cur->option_upddt = date('Y-m-d H:i:s');
 
-        if (!dcCore::app()->auth->check(dcAuth::PERMISSION_CONTENT_ADMIN, $this->blog)) {
+        if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcAuth::PERMISSION_CONTENT_ADMIN]), $this->blog)) {
             $params['option_id']  = $id;
             $params['user_id']    = $this->con->escape(dcCore::app()->auth->userID());
             $params['no_content'] = true;
@@ -185,7 +185,7 @@ class postWidgetText
             throw new Exception(__('No such ID'));
         }
 
-        if (!dcCore::app()->auth->check(dcAuth::PERMISSION_CONTENT_ADMIN, $this->blog)) {
+        if (!dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([dcAuth::PERMISSION_CONTENT_ADMIN]), $this->blog)) {
             $params['option_id']  = $id;
             $params['user_id']    = $this->con->escape(dcCore::app()->auth->userID());
             $params['no_content'] = true;
diff --git a/inc/lib.pwt.admin.php b/inc/lib.pwt.admin.php
index f59b313..5fc7331 100644
--- a/inc/lib.pwt.admin.php
+++ b/inc/lib.pwt.admin.php
@@ -72,10 +72,10 @@ class adminPostWidgetText
             'url'         => dcCore::app()->adminurl->get('admin.plugin.postWidgetText'),
             'small-icon'  => dcPage::getPF('postWidgetText/icon.svg'),
             'large-icon'  => dcPage::getPF('postWidgetText/icon.svg'),
-            'permissions' => dcCore::app()->auth->check(dcCore::app()->auth->makePermissions([
+            'permissions' => dcCore::app()->auth->makePermissions([
                 dcAuth::PERMISSION_USAGE,
                 dcAuth::PERMISSION_CONTENT_ADMIN,
-            ]), dcCore::app()->blog->id),
+            ]),
         ]);
     }